SSH on by default? (Was: too many deamons by default - F7 test 2 live cd)
Alexander Boström
abo at kth.se
Wed Mar 21 19:14:15 UTC 2007
ons 2007-03-21 klockan 15:02 -0400 skrev Jon Masters:
> IMO, yes. There are few times where I'll argue for services on by
> default but SSH is one of those fundamental services that one expects to
> have, pretty much on any box where an ssh server is installed. And yes,
> I'd argue that even applies to desktop/laptop users :-)
*sighs*
I just really doubt there's any reasonable way to prevent bad passwords
from being exploited. So it will happen, and that's just not acceptable.
Zombie machines, running Fedora? Come on, we're supposed to be better
than that! It's really bad and and it's also bad PR.
Perhaps forcing people to use good passwords would be possible, but I
doubt it.
I helped a guy install Fedora once, over AIM chat where I didn't
actually have any control over the machine... I had to point out to him
very explicitly that if he doesn't turn off sshd it'll give him trouble.
(Including explaining to him that why it's bad if someone guesses his
password and gets access to his machine, it wasn't entirely obvious to
him.) I think he got the point and managed to type the right commands to
disable it though.
/abo
More information about the fedora-devel-list
mailing list